Lucene search
K

171 matches found

CNVD
CNVD
added 2021/09/24 12:0 a.m.8 views

Huawei FusionCompute Incorrect File Upload Control Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. A security vulnerability exists in Huawei FusionCompute, which stems from the application improperly validating uploaded files...

7.5CVSS6.9AI score0.00636EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/24 12:0 a.m.28 views

Huawei FusionCompute Command Injection Vulnerability (CNVD-2021-84882)

Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...

9CVSS2.9AI score0.00898EPSS
Exploits0References1
Huawei
Huawei
added 2021/09/22 12:0 a.m.40 views

Security Advisory - Command Injection Vulnerability in Huawei FusionCompute Product

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful...

9CVSS8.9AI score0.00946EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/09/22 12:0 a.m.34 views

Security Advisory - Improper File Upload Control Vulnerability in Huawei FusionCompute Product

There is an improper file upload control vulnerability in Huwei FusionCompute product. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal. Vulnerability...

7.5CVSS7.5AI score0.00636EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/09/22 12:0 a.m.4 views

Huawei FusionCompute 命令注入漏洞

Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...

9CVSS7.1AI score0.00898EPSS
Exploits0References4
Huawei
Huawei
added 2021/09/22 12:0 a.m.37 views

Security Advisory - Command Injection Vulnerability in Huawei FusionCompute Product

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful...

9CVSS7.1AI score0.00898EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/09/22 12:0 a.m.6 views

Huawei FusionCompute 代码问题漏洞

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. A security vulnerability exists in Huawei FusionCompute, which stems from the application improperly validating uploaded files...

7.5CVSS7.3AI score0.00636EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/30 12:0 a.m.23 views

Multiple Huawei products competitive conditions vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei, China. Huawei Manageone is a cloud data center management solution from Huawei, China. Huawei SMC2.0 is a video management solution from Huawei, China. Several Huawei products have a competitive condition vulnerability that cou...

4.7CVSS1.8AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/29 12:0 a.m.6 views

Huawei Manageone 竞争条件问题漏洞

Huawei FusionCompute is a computer virtualization engine from Huawei, China. Huawei Manageone is a cloud data center management solution from Huawei, China. Huawei SMC2.0 is a video management solution from Huawei, China. Several Huawei products have a competitive condition vulnerability that cou...

4.7CVSS5.7AI score0.00114EPSS
Exploits0References3
OSV
OSV
added 2021/05/27 1:15 p.m.5 views

CVE-2021-22358

There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal...

4.3CVSS5.8AI score0.00533EPSS
Exploits0References1
NVD
NVD
added 2021/05/27 1:15 p.m.24 views

CVE-2021-22358

There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal...

4.3CVSS0.00533EPSS
Exploits0References1
Prion
Prion
added 2021/05/27 1:15 p.m.20 views

Input validation

There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal...

4CVSS4.6AI score0.00533EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/27 12:33 p.m.27 views

CVE-2021-22358

There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal...

4.9AI score0.00533EPSS
Exploits0References1
CVE
CVE
added 2021/05/27 12:33 p.m.59 views

CVE-2021-22358

CVE-2021-22358 affects Huawei FusionCompute 8.0.0. The issue is an insufficient input validation vulnerability that allows an attacker to upload arbitrary files to the device, potentially causing the service to become abnormal. Documents from multiple sources confirm the root cause and impact, wi...

4.3CVSS4.6AI score0.00533EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/05/07 12:0 a.m.22 views

Huawei FusionCompute Input Validation Error Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An input validation error vulnerability exists in Huawei FusionCompute version 8.0.0. The vulnerability stems from inadequate inp...

4.3CVSS3.4AI score0.00533EPSS
Exploits0References1
Huawei
Huawei
added 2021/05/06 12:0 a.m.38 views

Security Advisory - Insufficient Input Validation Vulnerability in FusionCompute Product

There is an insufficient input validation vulnerability in FusionCompute product. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal. Vulnerability ID: HWPSIRT-2020-05085 This...

4.3CVSS4.5AI score0.00533EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.5 views

Huawei FusionCompute 输入验证错误漏洞

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An input validation error vulnerability exists in Huawei FusionCompute version 8.0.0. The vulnerability stems from inadequate inp...

4.3CVSS5.8AI score0.00533EPSS
Exploits0References3
NVD
NVD
added 2020/12/01 1:15 a.m.21 views

CVE-2020-9114

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause...

7.8CVSS7.8AI score0.00216EPSS
Exploits0References1
OSV
OSV
added 2020/12/01 1:15 a.m.2 views

CVE-2020-9114

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause...

7.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2020/12/01 1:15 a.m.20 views

Privilege escalation

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause...

7.2CVSS7.7AI score0.00216EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder